Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
messaging gateway vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-18379
Symantec Messaging Gateway, before 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the ...
Symantec Messaging Gateway
9
CVSSv2
CVE-2020-11852
DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). Affecting all SMG Appliance running releases prior to July 2020. The vulnerability could allow a logged in user with rights to generate DKIM key information to inject system commands into the ca...
Microfocus Secure Messaging Gateway
9
CVSSv2
CVE-2020-12594
A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance. This affects SMG before 10.7.4.
Broadcom Symantec Messaging Gateway
7.5
CVSSv2
CVE-2018-12464
A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote malicious user to execute arbitrary SQL statements against the database. This can be exploited to create an administrative ac...
Microfocus Secure Messaging Gateway
1 EDB exploit
NA
CVE-2024-23614
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
Broadcom Symantec Messaging Gateway
NA
CVE-2024-23615
A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
Broadcom Symantec Messaging Gateway
9
CVSSv2
CVE-2018-12465
An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-20...
Microfocus Secure Messaging Gateway
1 EDB exploit
2.1
CVSSv2
CVE-2016-2203
The management console on Symantec Messaging Gateway (SMG) Appliance devices prior to 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges.
Symantec Messaging Gateway 10.6.0
1 EDB exploit
4
CVSSv2
CVE-2021-30651
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory servers that they might not otherwise be authorized to access.
Broadcom Symantec Messaging Gateway
4
CVSSv2
CVE-2020-12595
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG before 10.7.4.
Broadcom Symantec Messaging Gateway
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »